REMARKS 



Status of the claims 

• Claims 1-28 are now pending in this application. 

• Claims 1, 2, 5, 6, 9, 10, and 13-16 are in independent form. 

• Claims 1, 2, 5, 6, 9, 10, and 13-16 have been amended. 

• Claims 18-28 have been added. The new claims have been added to revive the original 
dependent claims that were canceled in the preliminary amendment to avoid claim fees from 
multiple dependencies. 

The rejection under 35 U.S.C. § 112, 2 nd paragraph 

Claims 1-12 were rejected under 35 U.S.C. § 112, second paragraph, as being indefinite, 
for the reasons given at paragraph 3 of the Office Action. The claims have been carefully 
reviewed and amended as deemed necessary to ensure that they conform fully to the 
requirements of Section 112, second paragraph, with special attention to the points raised in 
paragraph 3 of the Office Action. Specifically, recitations of "itself" have been removed and 
replaced with more clear terms for the purposes of clarification. It is believed that the 
rejection under Section 112, second paragraph, has been obviated, and its withdrawal is 
therefore respectfully requested. 

The rejections under 35 U.S.C. § 102/103 

• Claims 1-3, 5-7, and 9-17 were rejected under 35 U.S.C. § 102(b) as being anticipated 
by U.S. Patent 6,668,322 to Wood. 
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• Claims 4 and 8 were rejected under 35 U.S.C. § 103(a) as being obvious from Wood in 
view of U.S. Patent 6,990,592 to Richmond. 

Applicants submit that independent Claims 1, 2, 5, 6, 9, 10, and 13-16, together with the 
claims dependent therefrom, are patentably distinct from the cited references for at least the 
following reasons. 

The basic concept of the invention claimed in Claims 1 and 2 is to give a particular access 
right to a combination of a particular user and a particular computer. In the example shown 
in Fig. 2 of the present application 1 , user a bearing medium Rl 1 is given a proper access right 
when he uses computer 11, but not when he uses the other computers 12 or 21. When user a 
connects his medium Rll to computer 11, ID(ll) in computer 11 coincides with ID(ll) in 
medium Rl 1 so that computer 1 1 sets a proper access right. In this case, the proper access 
right is not set for either user himself or computer 1 1 itself, but is set for a combination of 
user a and computer 11. Similarly, according to the invention claimed in Claims 5 and 6, a 
particular access right is given to a particular environment of connecting a computer to a 
specific location of the network. 

Wood, as understood by Applicants, discusses a security architecture in which a single 
sign-on is provided; that is, session credentials are used to maintain continuity of a persistent 
session across multiple accesses. Though FIG. 1 of Wood is an information flow chart, 
browser block 170 corresponds to a client computer and the other blocks 110, 120, 130, 140, 
150, 160 and 190 correspond to a server computer. When a user tries to access the server 
computer from the client computer (browser 170), a procedure to establish a session is carried 

l lt is of course to be understood that the references to various portions of the present 
application are by way of illustration and example only, and that the claims are not limited by 
the details shown in the portions referred to. 
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out in blocks 110-160. Then the server computer authenticates a user's access and supplies a 
session token to the client computer. The session token is cryptographically secured and 
encoded in a cookie placed at browser 170 in the client computer. As mentioned in column 
12 lines 50-57, the session token may be stored in a medium such as a smart card. A new 
access request can be made using the stored session token. 
Important things to be remarked are: 

(1) Though a session token of Wood stored in a smart card is used to establish a 
session, an identification code of the present invention is not necessary to be sent to the server 
computer in order to establish a session. The role of the identification code of the invention 
is to distinguish respective client computers; and 

(2) Though an access right in Wood is set by the server computer (authorization 
component 140), an access right in the invention is set by the client computer (Claims 1, 5, 9) 
or the portable information processing device (Claims 2, 6, 10). 

More detailed discussions for the respective claims are as follows. 

Claim 1 

A specific identification code is recorded in both a specific client computer and a specific 
portable information recording media issued to a specific individual user, the identification 
code being not necessary to be sent to the server computer in order to establish a session. 
Wood does not disclose this feature because a session token mentioned in column 12, lines 
50-57 is used to establish a session and therefore it is not an identification code mentioned in 
the present invention. 

An identification code comparing means (11C) and an access right setting means (11B) 
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are elements included in the client computer, but not in the server computer. Therefore, an 
identification code comparing process and an access right setting process are carried out by 
the client computer in the invention. The client computer sets an access right in a respective 
session in the invention. On the contrary, in Wood's system, an authentication process is 
carried out by authentication component 130 and an authorization process is carried out by 
authorization component 140, both the components being included in the server computer. 
The server computer sets an access right in a respective session in Wood's system. As a 
matter of fact, Wood discloses only browser 170 as a component included in a client 
computer. 



Claim 2 

The same discussion can be made as that made in claim 1, though an identification code 
comparing means (HE) and an access right setting means (11F) are elements included in the 
portable information processing device. That is, a portable information processing device 
sets an access right in a respective session. On the contrary, in Wood's system, the server 
computer sets an access right in a respective session. 



Claim 5 

Environment information is recorded in each of the portable information recording media 
issued to the individual users. In column 6, lines 7-22, Wood discloses that authorization 
component 140 refuses access based on the environment. Therefore, environment 
information is supposed to be recorded in authorization component 140. Wood does not 
disclose environment information recorded in each of the portable information recording 
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media issued to the individual users. 

An environment comparing means (11H) and an access right setting means (11B) are 
elements included in the client computer, but not in the server computer. Therefore, an 
environment comparing process and an access right setting process are carried out by the 
client computer in the invention. The client computer sets an access right in a respective 
session in the invention. On the contrary, in Wood's system, authorization component 140 
refuses access based on the environment as mentioned in column 6, lines 7-22. That is, the 
server computer sets an access right in a respective session in Wood's system. 

Claim 6 

The same discussion can be made as that made in claim 5, though an environment 
comparing means (111) and an access right setting means (11F) are elements included in the 
portable information processing device. That is, portable information processing device sets 
an access right in a respective session. On the contrary, in Wood's system, the server 
computer sets an access right in a respective session. 

Claims 9. 10 

The same discussion can be made as that made in the above-mentioned claims. 
Claims 13-16 

The same discussion can be made as that made in the above-mentioned claims. Both of a first 
operation and a second operation are carried out by a client computer or a portable 
information processing device, but not by a server computer. 
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The dependent claims 

The other claims in this application are each dependent from one or another of the 
independent claims discussed above and are therefore believed patentable for the same 
reasons. Since each dependent claim is also deemed to define an additional aspect of the invention, 
however, the individual consideration or reconsideration, as the case may be, of the 
patentability of each on its own merits is respectfully requested. 



Conclusion 

In view of the foregoing amendments and remarks, Applicants respectfully request 
favorable reconsideration and early passage to issue of the present application. 

Respectfully Submitted 



/Raymond A. DiPerna/ 

Raymond A. DiPerna 

c/o Ladas & Parry LLP 

26 West 61 st Street 

New York, New York 10023 

Reg. No. 44,063 

Tel. No. (212) 708-1950 
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